With the release of iOS 9 just around the corner, it’s crucial that app developers be proactive about what the release means for security, understand what will now be possible in terms of app thinning, and make the most of other improvements that will enhance user experience and/or increase user engagement.

Here’s what I think are the most important things about iOS 9 for app developers to be on top of, in order of priority.

#1: Default SSL Support

HTTPS will become the default on iOS 9, and as a developer, your first order of business should be to make sure that your applications and backend servers fully support it.

For applications that are built with Xcode 7, iOS 9 will block all non-SSL (HTTP) connections unless the developer specifically opts out insecure domains one by one.

Apple is also taking drastic measures by enforcing best practices in secure communication. Apple defines the best practices as:

- At least Transport Layer Security (TLS) protocol version 1.2

- Only ciphers that provide forward secrecy (the full list can be found on Apple’s pre-release docs)

- SHA256 or better signing algorithm with either a 2048 bit or greater RSA key or a 256 bit or greater Elliptic-Curve (ECC) key

A good way to check if your backend supports all the requirements would be to use Qualys SSL Server Test.

Unless the backend complies with Apple’s SSL requirements, applications built with Xcode 7 will lose their ability to talk with the backend. Note that these requirements are not going to be enforced on existing applications in the App Store.

#2: App Thinning

App thinning via iOS 9 should mean that you can significantly reduce the size of your applications. App thinning consists of three parts:

Slicing

This is an optimization that the App Store performs automatically: the developer-uploaded app bundle is automatically converted into multiple variants suitable for different devices.

For instance, a user on an iPhone 4S won’t download an ARM64 binary and resources suitable for iPad Air 2.

There is no action the developer needs to take in order to take leverage slicing.

On-Demand Resources

This is a streamlined API to divide and progressively download an application’s resources on demand.

For instance, a certain set of images and sound files will be downloaded by the application only after a user completes an in-app purchase that unlocks these features.

Using this API requires some work on the developer’s end. However, Apple makes it simpler by providing the API and hosting all resources on its servers (at least for applications that are distributed within the App Store).

Bitcode

Although this is not a size optimization, Bitcode support reduces the amount of work developers have to do to support new platforms. If the application has Bitcode support, the App Store will automatically recompile the code to support new devices.

For instance, if the next generation of iPhones uses a new variant of ARM64, all Bitcode-enabled applications will be available for this device automatically.

Again, there is no action required of the developer to take advantage of this feature, assuming all the project dependencies are also Bitcode-enabled. There is a way, however, to disable it should one need to retain full control over the distributed binary.

#3: Safari View Controller

The cumbersome process of writing miniature browsers to display web content within apps is now going away with the advent of iOS 9, thanks to the Safari View Controller. Applications will be able to just use Safari itself to show their web pages. This will be not only easier on developers, but it will also create a better user experience because of shared cookies. This means that users won’t have to re-login when browsing, but their privacy and security will still be maintained.

#4 App Content Search

From a user perspective, exposing the Core Spotlight API to third-party apps will make iOS Spotlight a lot smarter. From a developer standpoint, searchable app content will increase user engagement, because Spotlight or Safari search results may link users to the content deep within third-party apps.

For example, if a user is searching for ‘gems’, Spotlight will not only suggest matches in contacts (“Mrs. Elena Gems”), and emails (“Gems of Engineering”), but might also include a deep-link to buy more gems in the user’s favorite game.

#5: Multiple Gaming Improvements

With iOS 8, Apple added Metal, a huge boost to mobile game performance. This year, iOS 9 will feature a few new frameworks to make gaming development easier and more performant. Check out GameplayKit, Model I/O, and ReplayKit, all of which have been added to the stack. Game developers embarking on new projects might benefit from these new frameworks.

As one can see, iOS 9 brings a lot of enhancements to user experience and security. It also goes a long way to ensure this improved user experience does not come at a high development price. So bring yourself up to speed on these important new features. Your product will improve, and your customers will benefit.